CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
Microsoft Patch Tuesday April 2026 – 168 Vulnerabilities Fixed, Including Actively Exploited 0-day
Microsoft has released its April 2026 Patch Tuesday security update, addressing 168 vulnerabilities across its product portfolio, including one actively exploited zero-day and one publicly disclosed f ...
-
CybersecurityNews
Critical etcd Auth Bypass Flaw Allows Unauthorized Access to Sensitive Cluster APIs
A critical authentication bypass vulnerability has emerged in etcd, the foundational distributed key-value store that supports countless cloud-native systems and Kubernetes clusters globally. Tracked ...
-
CybersecurityNews
Ivanti Neurons for ITSM Vulnerabilities Allow Remote Attacker to Obtain User Sessions
Ivanti has released security updates addressing two medium-severity vulnerabilities in Ivanti Neurons for ITSM (N-ITSM), its on-premise IT service management platform. The flaws, if exploited, could a ...
-
CybersecurityNews
CISA Warns of Microsoft Exchange and Windows CLFS Vulnerabilities Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning to organizations regarding two severe Microsoft vulnerabilities. On April 13, 2026, the agency officially added ...
-
CybersecurityNews
Synology SSL VPN Client Vulnerabilities Let Remote Attackers Access Sensitive Files
Synology reveals two severe SSL VPN Client flaws that could let remote attackers steal sensitive files and intercept network traffic. The vulnerabilities affect users running older versions of the sof ...
-
CybersecurityNews
Critical FortiSandbox Vulnerabilities Allow Attackers to Execute Unauthorized Commands
Fortinet has disclosed two critical security vulnerabilities affecting its FortiSandbox platform, both carrying a CVSSv3 score of 9.1. The flaws, published on April 14, 2026, could allow unauthenticat ...
-
The Hacker News
New PHP Composer Flaws Enable Arbitrary Command Execution — Patches Released
Two high-severity security vulnerabilities have been disclosed in Composer, a package manager for PHP, that, if successfully exploited, could result in arbitrary command execution. The vulnerabilities ...
-
Daily CyberSecurity
Critical—9 Vulnerabilities in Orthanc DICOM Servers Threaten Medical Data Integrity
A series of critical security flaws has been uncovered in Orthanc, the popular open-source “lightweight Digital Imaging and Communications in Medicine (DICOM) server used to store, process, and retrie ...
-
The Hacker News
Google Adds Rust-Based DNS Parser into Pixel 10 Modem to Enhance Security
Google has announced the integration of a Rust-based Domain Name System (DNS) parser into the modem firmware as part of its ongoing efforts to beef up the security of Pixel devices and push memory-saf ...
-
Daily CyberSecurity
Juju’s CVSS 10 Flaw Hands Over Master Cloud Credentials
Juju, the popular open-source application orchestration engine, is facing a critical security emergency. A newly discovered vulnerability, carrying the maximum possible severity rating of CVSS 10, all ...